Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Remote Zugriff auf meinem PC?

Remote Zugriff auf meinem PC?


Plagegeister aller Art und deren Bekämpfung: Remote Zugriff auf meinem PC?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 07.10.2011, 21:30   #1
zotac
 
Remote Zugriff auf meinem PC? - Standard

Remote Zugriff auf meinem PC?


Hallo,

habe heute meinen PC eingeschaltet, und dann erst mal den Browser etc. geöffnet, als ich dann plötzlich keine Klicks machen konnte, und mein Laufwerk sich öffnete, und schliesste. Dann fing der Zeiger ein wenig an zu stocken. Und plötzlich konnte ich den Zeiger nicht mehr bewegen, und er bewegte sich "von alleine".. Eigentlich genau wie wenn jemand Remotemässig auf meinen PC zugreift (wie z.B. bei Teamviewer). Habe dann sofort die Stromversorgung meines PCs getrennt, und anschliessend neu gestartet, und einfach die Internetverbindung getrennt. Wollte dann den Antivirus nach einer Infizierung suchen lassen, jedoch habe ich da gesehen dass er plötzlich deaktiviert war (war vorher 100%ig noch an!). Hab dann mit Avast einen Virenscan durchgeführt, welcher jedoch zu keinem Ergebnis geführt hat.. Habe ebenfalls bemerkt, dass plötzlich alle versteckten und geschützten Dateien sichtbar sind..

(Irgendwie krieg ich keinen Spoiler hin)
Code:
ATTFilter
OTL logfile created on: 07.10.2011 20:32:14 - Run 1
OTL by OldTimer - Version 3.2.29.1     Folder = L:\
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
8.00 Gb Total Physical Memory | 5.73 Gb Available Physical Memory | 71.61% Memory free
16.00 Gb Paging File | 13.64 Gb Available in Paging File | 85.24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.79 Gb Total Space | 71.60 Gb Free Space | 64.05% Space Free | Partition Type: NTFS
Drive D: | 175.78 Gb Total Space | 96.53 Gb Free Space | 54.91% Space Free | Partition Type: NTFS
Drive E: | 755.73 Gb Total Space | 15.64 Gb Free Space | 2.07% Space Free | Partition Type: NTFS
Drive L: | 7.44 Gb Total Space | 7.44 Gb Free Space | 99.99% Space Free | Partition Type: FAT32
 
Computer Name: ZOTAC-PC | User Name: zotac | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.10.07 19:52:54 | 000,582,656 | ---- | M] (OldTimer Tools) -- L:\OTL.exe
PRC - [2011.09.06 22:45:30 | 003,722,416 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.08.22 17:07:32 | 000,354,416 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2011.08.22 17:07:18 | 000,103,536 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
PRC - [2011.08.22 17:06:56 | 000,432,752 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2011.08.22 16:34:52 | 011,837,440 | ---- | M] () -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
PRC - [2011.08.22 15:28:42 | 000,079,872 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
PRC - [2011.08.03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2010.11.17 09:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009.02.24 15:47:06 | 000,143,360 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.05.26 13:42:00 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009.02.27 16:38:22 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.09.06 22:45:28 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.10.01 13:51:30 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.08.22 17:07:32 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2011.08.22 17:06:56 | 000,432,752 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2011.08.22 16:34:52 | 011,837,440 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd)
SRV - [2011.08.22 15:28:42 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2011.08.21 23:11:28 | 000,846,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2011.08.17 17:52:05 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Disabled | Stopped] -- D:\TeamViewer\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.08.03 13:50:00 | 002,255,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.06.17 09:34:18 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.10.01 20:48:28 | 000,294,232 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Treiber\VMM.sys -- (vmm)
DRV:64bit: - [2011.09.06 22:38:18 | 000,601,944 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011.09.06 22:38:16 | 000,301,912 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011.09.06 22:36:41 | 000,058,200 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011.09.06 22:36:41 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011.09.06 22:36:30 | 000,065,368 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011.09.06 22:36:14 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011.08.26 19:08:32 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2011.08.26 19:08:32 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2011.08.26 18:21:24 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.08.22 17:07:58 | 000,062,064 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2011.08.22 17:06:46 | 000,032,880 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2011.08.22 17:06:14 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2011.08.22 15:12:26 | 000,045,680 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2011.08.22 15:12:26 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2011.08.21 23:11:26 | 000,039,024 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2011.08.08 14:59:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.05.10 11:41:28 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.05.10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.04.30 13:59:22 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.04.30 13:59:22 | 000,060,184 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.04.30 13:59:10 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011.04.30 13:59:10 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.16 17:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2011.02.10 14:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.02.10 14:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.09.22 19:58:06 | 000,063,696 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RAMDiskVE.sys -- (RAMDiskVE)
DRV:64bit: - [2010.06.14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2009.08.21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.07.14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2007.01.29 06:20:34 | 000,079,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2011.01.06 11:06:56 | 000,011,888 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Setup Files\Ms7599vHD0\NTIOLib_X64.sys -- (NTIOLib_1_0_6)
DRV - [2010.06.14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.03.09 20:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = Hotmail, Messenger, Lifestyle, Unterhaltung, Reisen, News, Sport und vieles mehr auf msn.ch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3E B7 B6 C6 A5 7F CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.chip.de/"
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011.09.10 21:30:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.10.01 10:30:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.08.26 18:12:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\zotac\AppData\Roaming\mozilla\Extensions
[2011.10.01 10:27:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\zotac\AppData\Roaming\mozilla\Firefox\Profiles\827hf6zf.default\extensions
[2011.08.27 15:31:24 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\zotac\AppData\Roaming\mozilla\Firefox\Profiles\827hf6zf.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.08.27 19:23:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.08.27 19:23:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}
() (No name found) -- C:\USERS\ZOTAC\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\827HF6ZF.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.10.01 10:30:42 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.08.12 06:19:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.08.12 06:14:12 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.08.12 06:19:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.08.12 06:19:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.08.12 06:19:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.08.12 06:19:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s File not found
O4:64bit: - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe File not found
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [vmware-tray] C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\zotac\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\zotac\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8DD4E752-91A1-4BB0-85E5-6305EF200C17}: DhcpNameServer = 62.2.17.60 62.2.24.162 62.2.17.61
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.10.06 22:30:55 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\Diagnostics
[2011.10.06 17:55:21 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{4EB4E15C-A061-4167-B995-E6EC6BFF971D}
[2011.10.06 17:55:09 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{045FEFA1-46F8-40B8-A49D-759F18B1BC7F}
[2011.10.05 22:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.10.05 22:38:20 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.10.05 15:49:18 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{839620E9-4A12-4ABB-88EA-DC6B1CD9A7C0}
[2011.10.05 15:49:04 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{9C8E99F1-DF95-4D14-8076-A8165D974794}
[2011.10.05 07:46:12 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{888017E8-1D19-4B87-A365-D2E2C15D181D}
[2011.10.05 07:46:01 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{E98014A2-E9DA-4A0C-BC97-0C88197BA138}
[2011.10.04 19:29:22 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{A8052518-4DEB-430A-BEC7-EFC1B22A2506}
[2011.10.04 19:29:11 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{9078012A-BC3E-489E-A15A-DF1241460B7E}
[2011.10.04 07:28:43 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{396853A0-E267-42FB-B28D-20C7BC044748}
[2011.10.04 07:28:29 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{C315D081-FCF8-4435-A07A-5DB8288B859B}
[2011.10.03 19:20:33 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{24C1D03A-5483-4F97-89EA-4F97671D8AEF}
[2011.10.03 19:20:21 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{5558B290-1D05-4393-8798-08779C56630D}
[2011.10.03 07:19:57 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{B05F26C2-2A82-4605-8A24-AEFE7A801184}
[2011.10.03 07:19:45 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{AFDC642D-1213-4CAA-B2BB-3B115928E62B}
[2011.10.02 22:01:03 | 000,000,000 | R--D | C] -- C:\Users\zotac\AppData\Roaming\Brother
[2011.10.02 19:14:04 | 000,000,000 | ---D | C] -- C:\Users\zotac\Documents\KONAMI
[2011.10.02 19:08:41 | 000,000,000 | ---D | C] -- C:\ProgramData\KONAMI
[2011.10.02 12:20:28 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{CA1271A1-7907-4798-8468-CD7453885089}
[2011.10.02 12:20:16 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{370DC73C-6343-4D0A-847B-372450A05339}
[2011.10.01 11:40:35 | 000,046,592 | ---- | C] (libusb-Win32) -- C:\Windows\SysWow64\libusb0.dll
[2011.10.01 10:28:07 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{39DD40C4-DFC9-4AE3-A2BB-832F5E2FAF3E}
[2011.10.01 10:27:55 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{D0348CD1-E5FA-4441-8164-62026D79B98C}
[2011.09.30 20:44:47 | 000,000,000 | ---D | C] -- C:\Users\zotac\Documents\Eigene virtuelle Computer
[2011.09.30 20:44:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Treiber
[2011.09.30 20:44:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Virtual PC
[2011.09.30 19:47:37 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{7A9B3EA7-2186-483F-88C9-A66FB5C7D39E}
[2011.09.30 19:47:26 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{62ADACE8-E704-454E-9C16-BD2D0E07DBD5}
[2011.09.30 07:47:01 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{06C032C2-0691-41F6-98DB-21F420385C1E}
[2011.09.30 07:46:50 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{C71A81A4-BC6B-4487-B40E-6944736C8D5B}
[2011.09.29 18:43:38 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{D30A805D-8DAF-4E27-8A04-874E5A9B267A}
[2011.09.29 18:43:26 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{BC0BA327-2638-4666-85D6-3FB479DDD9A4}
[2011.09.28 18:30:07 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{1EDCF7F5-8FE4-4DB4-AF14-DD6C0609CC50}
[2011.09.28 18:29:55 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{21D5E6E1-00F3-4C69-8E06-9CD84AEB3C92}
[2011.09.27 17:02:42 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{8B42C289-815A-411F-A49D-B3A2691D6364}
[2011.09.27 17:02:31 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{C1A69CFD-6D81-4FF1-B9CD-E2A695525A72}
[2011.09.27 17:02:04 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{03F83FE4-EBF1-4531-BFBB-688536BDBBBA}
[2011.09.26 19:45:53 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{307C82F7-8837-4AAB-8B51-AE3C0601AA82}
[2011.09.26 19:45:42 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{035597AA-7497-460A-8521-3B975E171F0E}
[2011.09.26 18:47:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RAMDisk
[2011.09.26 18:47:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dataram RAMDisk
[2011.09.26 07:28:46 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{A0DD7C69-8824-4AE3-8149-8355E6D93563}
[2011.09.26 07:28:35 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{B24EE5E5-A812-4288-86A3-56452607F67E}
[2011.09.26 00:06:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.09.25 17:22:50 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2011.09.25 17:22:50 | 000,000,000 | ---D | C] -- C:\Users\zotac\Application Data
[2011.09.25 12:20:46 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{6642BFB6-0F3C-4772-AD8E-67629BAB205A}
[2011.09.25 12:20:34 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{8920166E-9372-4DA4-BA7C-4D45584993AD}
[2011.09.24 23:19:24 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{1534512A-1569-4E2F-808B-1A87C95453F0}
[2011.09.24 23:19:10 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{3D298293-E03B-43B5-A630-12DE0387624D}
[2011.09.24 22:07:33 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\xlive
[2011.09.24 22:07:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Games for Windows - LIVE
[2011.09.24 22:03:31 | 000,466,456 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011.09.24 22:03:31 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011.09.24 22:03:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2011.09.24 21:43:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\F1 2011
[2011.09.24 21:38:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bing Bar Installer
[2011.09.24 21:38:06 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2011.09.24 18:13:55 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\Ubisoft Game Launcher
[2011.09.24 18:05:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2011.09.24 18:04:33 | 000,000,000 | ---D | C] -- C:\Users\zotac\Documents\Ubisoft
[2011.09.24 18:04:33 | 000,000,000 | ---D | C] -- C:\temp
[2011.09.24 17:59:13 | 000,000,000 | -H-D | C] -- C:\Users\zotac\InstallAnywhere
[2011.09.24 11:18:46 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{BDC4B437-C753-4F35-A51D-DAFB0FEF2DCA}
[2011.09.24 11:18:35 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{ACC2751A-C766-46FE-93F8-2E4A1C8095B7}
[2011.09.23 19:42:02 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{1CBD0F7F-718D-40CC-B159-75C172870AAA}
[2011.09.23 19:41:51 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{C6097336-4355-4DCA-952A-3CEB05D24C1F}
[2011.09.23 07:41:27 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{E1DF22B0-98E2-44C6-B442-1B43D3F77055}
[2011.09.23 07:41:15 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{EA734CF3-A4E4-4172-9F7E-FDF233FE453E}
[2011.09.22 19:17:34 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{5C80F0FC-9F97-47E0-94FE-A6690AA55E03}
[2011.09.22 19:17:23 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{E014DEA1-0EF3-40CA-A25E-F7871BF3541D}
[2011.09.21 17:35:18 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{A77DE443-AD58-4F76-B054-76D4D9BD2919}
[2011.09.21 17:35:07 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{2730D53C-5E07-4EE3-AB1D-636449F90228}
[2011.09.20 18:51:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[2011.09.20 18:50:50 | 001,560,576 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrWia09b.dll
[2011.09.20 18:50:50 | 000,207,872 | ---- | C] (brother) -- C:\Windows\SysNative\NSSRH64.dll
[2011.09.20 18:50:50 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BroSNMP.dll
[2011.09.20 18:50:50 | 000,082,944 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrNetSti.dll
[2011.09.20 18:50:50 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2.dll
[2011.09.20 18:50:50 | 000,058,368 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\SysNative\BrWiaNCp.dll
[2011.09.20 18:50:50 | 000,047,616 | ---- | C] (Brother Industries,Ltd) -- C:\Windows\SysNative\Brnsplg.dll
[2011.09.20 18:50:50 | 000,005,632 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2L.dll
[2011.09.20 18:50:50 | 000,003,072 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2S.dll
[2011.09.20 18:50:49 | 000,167,936 | ---- | C] (brother) -- C:\Windows\SysWow64\NSSearch.dll
[2011.09.20 18:50:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brother
[2011.09.20 18:49:43 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Roaming\InstallShield
[2011.09.20 18:49:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2011.09.20 17:05:15 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{9B5B1CBE-D655-4844-86D2-B15841D2538F}
[2011.09.20 17:05:05 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{CE427102-AC9C-4FAE-B8CC-52DEEEF45170}
[2011.09.19 18:42:39 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{998E8B29-47BE-4BD9-A747-3BCF95F239E7}
[2011.09.19 18:42:28 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{3E7826A0-6B50-450A-805D-FE8EBC43EC20}
[2011.09.18 14:13:51 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{641FC775-D9B8-4981-8E09-FAAC562E9283}
[2011.09.18 14:13:39 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{2802DA65-F15A-49BB-A0D2-9D333027DA76}
[2011.09.17 15:38:40 | 000,062,064 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys
[2011.09.17 15:38:19 | 000,354,416 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe
[2011.09.17 15:38:16 | 000,432,752 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe
[2011.09.17 15:38:16 | 000,030,320 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys
[2011.09.17 15:38:15 | 000,942,192 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll
[2011.09.17 15:38:13 | 000,039,024 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys
[2011.09.17 15:38:13 | 000,032,880 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\VMkbd.sys
[2011.09.17 15:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
[2011.09.17 15:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware
[2011.09.17 15:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2011.09.17 15:38:02 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Shared Virtual Machines
[2011.09.17 15:37:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2011.09.17 14:19:22 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{54A77FE3-8293-406A-8D19-1A18B9C8A104}
[2011.09.17 14:19:11 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{55B0BCDB-55D5-4656-BC67-4C4AF0771921}
[2011.09.16 23:39:10 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{08CF4A77-E8D6-4EA9-B4F1-1DF328A1F2AE}
[2011.09.16 23:38:58 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{B2E5723D-2EBC-4439-A153-4D2B78C88D3B}
[2011.09.16 07:51:14 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{AA04A3FD-8F3C-4890-A75E-3BB41A347138}
[2011.09.16 07:51:03 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{EE3A5A53-618C-4195-A8D3-9379AC606763}
[2011.09.15 18:07:05 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{C4334E89-395E-4D86-9509-86DEB7DA7A12}
[2011.09.15 18:06:54 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{F04C2AD8-870D-435E-A32C-B8472D9C3B84}
[2011.09.14 19:25:57 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{03C4624E-477B-4414-8765-2519CF1A156B}
[2011.09.14 19:25:46 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{DDBA0773-C310-4DDD-AC54-081F1922B1C4}
[2011.09.14 07:25:22 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{DF531FEA-1A2C-4DFB-BDAF-265B04D1E9DD}
[2011.09.14 07:25:10 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{9D5CF112-02E9-4CD4-AF8A-E8761C171793}
[2011.09.13 21:32:38 | 000,000,000 | ---D | C] -- C:\Users\zotac\Documents\FIFA 12
[2011.09.13 21:30:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
[2011.09.13 21:30:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories
[2011.09.13 19:08:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2011.09.13 17:56:55 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Roaming\Opera
[2011.09.13 17:56:55 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\Opera
[2011.09.13 17:56:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2011.09.13 17:48:08 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{96E50B69-08AA-4496-BC31-0D92DC39D925}
[2011.09.13 17:47:57 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{C6238D9A-F99D-4436-8796-FA660094DF5E}
[2011.09.13 17:33:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2011.09.13 17:33:36 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2011.09.12 19:44:52 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{2D4DB3AD-6B41-473B-8666-491C834B94EB}
[2011.09.12 19:44:41 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{99A85B64-DAD2-4709-829D-508F39B74031}
[2011.09.12 16:49:14 | 000,013,800 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadwh.sys
[2011.09.12 16:49:14 | 000,013,288 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\ssadcm.sys
[2011.09.12 16:49:00 | 000,015,944 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\sscdwh.sys
[2011.09.12 16:49:00 | 000,015,432 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\sscdcm.sys
[2011.09.12 16:48:56 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG
[2011.09.12 16:08:34 | 000,000,000 | ---D | C] -- C:\Users\zotac\Documents\NPS
[2011.09.12 16:06:22 | 000,025,960 | ---- | C] (Teruten Inc) -- C:\Windows\SysWow64\FsExService64.Exe
[2011.09.12 16:06:22 | 000,025,960 | ---- | C] (Teruten Inc) -- C:\Windows\SysNative\FsExService64.exe
[2011.09.12 16:06:22 | 000,016,448 | ---- | C] (Teruten Inc) -- C:\Windows\SysWow64\drivers\TFsExDisk.Sys
[2011.09.12 16:06:22 | 000,016,448 | ---- | C] (Teruten Inc) -- C:\Windows\SysNative\drivers\TFsExDisk.sys
[2011.09.12 16:06:18 | 000,000,000 | ---D | C] -- C:\Users\zotac\Documents\My NPS Files
[2011.09.12 15:26:25 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\Samsung
[2011.09.12 15:26:23 | 000,000,000 | ---D | C] -- C:\Users\zotac\Documents\samsung
[2011.09.12 15:25:20 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\SysWow64\Redemption.dll
[2011.09.12 15:25:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny
[2011.09.12 15:24:57 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Roaming\Samsung
[2011.09.12 15:24:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2011.09.12 15:24:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2011.09.12 14:04:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.09.12 14:04:08 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.09.12 14:04:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.09.12 14:04:08 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.09.12 13:59:59 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2011.09.12 13:05:19 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\LogiShrd
[2011.09.12 07:44:17 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{247A0B59-FDFF-413A-AB2C-B883B9CEBE81}
[2011.09.12 07:44:05 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{63FA349F-E4DC-4564-8465-BE01A61320E1}
[2011.09.11 17:42:04 | 000,000,000 | ---D | C] -- C:\Users\zotac\.android
[2011.09.11 12:14:11 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{50C29CB1-844C-4C08-99D7-DD148345EB72}
[2011.09.11 12:14:00 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{FA433EF1-40EB-47B7-8208-B8C5A7FCD943}
[2011.09.10 13:37:36 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{683FE3C3-2011-4AB5-96E4-E05B1EA17CB8}
[2011.09.10 13:37:25 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{E96C6558-D430-4133-B3E5-DF8F6DC5FA9E}
[2011.09.09 15:30:34 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{8A85A9D0-CDA4-4254-8656-CEC29778F70D}
[2011.09.09 15:30:23 | 000,000,000 | ---D | C] -- C:\Users\zotac\AppData\Local\{B313399E-E14D-4884-8956-00EB40B1A528}
 
========== Files - Modified Within 30 Days ==========
 
[2011.10.07 20:35:11 | 001,480,184 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.10.07 20:35:11 | 000,647,988 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.10.07 20:35:11 | 000,610,350 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.10.07 20:35:11 | 000,128,114 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.10.07 20:35:11 | 000,105,254 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.10.07 18:43:50 | 000,022,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.07 18:43:50 | 000,022,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.07 18:36:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.07 18:36:41 | 2146,815,999 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.05 22:42:50 | 000,136,683 | ---- | M] () -- C:\Users\zotac\Desktop\Unbenannt.png
[2011.10.05 22:38:20 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.10.05 20:06:56 | 000,000,080 | ---- | M] () -- C:\Users\zotac\AppData\Local\CrystalDiskMark30.ini
[2011.10.02 22:19:27 | 000,002,562 | ---- | M] () -- C:\Windows\diagwrn.xml
[2011.10.02 22:19:27 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2011.10.02 20:34:16 | 000,000,438 | ---- | M] () -- C:\Users\zotac\Desktop\PES 2012.lnk
[2011.09.29 20:51:06 | 000,000,621 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 12.lnk
[2011.09.26 00:05:23 | 000,694,998 | ---- | M] () -- C:\Users\zotac\Desktop\untitled2.bmp
[2011.09.25 16:50:57 | 000,144,553 | ---- | M] () -- C:\Users\zotac\Desktop\1.PNG
[2011.09.24 22:03:31 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011.09.24 22:03:31 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011.09.24 21:43:43 | 000,000,543 | ---- | M] () -- C:\Users\Public\Desktop\F1 2011.lnk
[2011.09.24 18:13:44 | 000,000,426 | ---- | M] () -- C:\Users\zotac\Desktop\Driver San Francisco.lnk
[2011.09.24 16:57:31 | 006,220,854 | ---- | M] () -- C:\Users\zotac\Desktop\untitled.bmp
[2011.09.21 21:26:41 | 060,404,797 | ---- | M] () -- C:\Users\zotac\Desktop\Aspire1825MT.rar
[2011.09.20 18:51:00 | 000,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2011.09.20 18:51:00 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2011.09.20 18:50:52 | 000,000,050 | ---- | M] () -- C:\Windows\SysNative\bridf06a.dat
[2011.09.17 15:38:12 | 000,001,024 | ---- | M] () -- C:\.rnd
[2011.09.17 15:38:10 | 001,499,556 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.17 15:38:09 | 000,002,141 | ---- | M] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2011.09.17 14:18:58 | 000,002,020 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.09.13 22:44:07 | 000,001,990 | ---- | M] () -- C:\Users\zotac\Desktop\CrystalDiskInfo.lnk
[2011.09.13 22:29:16 | 000,001,152 | ---- | M] () -- C:\Users\zotac\Desktop\Logitech Unifying-Software.lnk
[2011.09.13 21:30:35 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2011.09.13 17:56:54 | 000,001,839 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2011.09.12 22:38:56 | 000,032,484 | ---- | M] () -- C:\Users\zotac\Desktop\Unbenannt2.png
[2011.09.12 14:13:23 | 000,000,131 | ---- | M] () -- C:\Users\zotac\AppData\Roaming\HKTunes.ini
[2011.09.12 14:04:14 | 000,001,789 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.09.11 17:37:56 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2011.09.10 21:30:02 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

========== Files Created - No Company Name ==========

[2011.10.05 22:42:50 | 000,136,683 | ---- | C] () -- C:\Users\zotac\Desktop\Unbenannt.png
[2011.10.05 22:38:20 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.10.02 22:19:25 | 000,002,562 | ---- | C] () -- C:\Windows\diagwrn.xml
[2011.10.02 22:19:25 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2011.10.02 20:34:16 | 000,000,438 | ---- | C] () -- C:\Users\zotac\Desktop\PES 2012.lnk
[2011.10.01 11:40:35 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2011.09.30 20:44:10 | 000,001,883 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Virtual PC.lnk
[2011.09.29 20:51:06 | 000,000,621 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 12.lnk
[2011.09.29 20:51:06 | 000,000,621 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 12.lnk
[2011.09.26 00:05:23 | 000,694,998 | ---- | C] () -- C:\Users\zotac\Desktop\untitled2.bmp
[2011.09.25 16:50:57 | 000,144,553 | ---- | C] () -- C:\Users\zotac\Desktop\1.PNG
[2011.09.24 21:43:43 | 000,000,543 | ---- | C] () -- C:\Users\Public\Desktop\F1 2011.lnk
[2011.09.24 18:13:44 | 000,000,426 | ---- | C] () -- C:\Users\zotac\Desktop\Driver San Francisco.lnk
[2011.09.24 16:57:31 | 006,220,854 | ---- | C] () -- C:\Users\zotac\Desktop\untitled.bmp
[2011.09.21 21:26:26 | 060,404,797 | ---- | C] () -- C:\Users\zotac\Desktop\Aspire1825MT.rar
[2011.09.20 18:51:00 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.09.20 18:51:00 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.09.20 18:50:52 | 000,000,050 | ---- | C] () -- C:\Windows\SysNative\bridf06a.dat
[2011.09.20 18:50:50 | 000,143,360 | ---- | C] () -- C:\Windows\SysNative\BrSNMP64.dll
[2011.09.17 15:38:09 | 000,002,141 | ---- | C] () -- C:\Users\Public\Desktop\VMware Workstation.lnk
[2011.09.13 21:30:35 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2011.09.13 19:38:59 | 000,001,152 | ---- | C] () -- C:\Users\zotac\Desktop\Logitech Unifying-Software.lnk
[2011.09.13 17:56:54 | 000,001,851 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011.09.13 17:56:54 | 000,001,839 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011.09.12 21:05:47 | 000,032,484 | ---- | C] () -- C:\Users\zotac\Desktop\Unbenannt2.png
[2011.09.12 14:09:13 | 000,000,131 | ---- | C] () -- C:\Users\zotac\AppData\Roaming\HKTunes.ini
[2011.09.12 14:04:14 | 000,001,789 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011.09.11 17:37:56 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUsb_01007.Wdf
[2011.09.02 22:22:59 | 000,000,017 | ---- | C] () -- C:\Users\zotac\AppData\Local\resmon.resmoncfg
[2011.08.27 11:54:35 | 000,000,080 | ---- | C] () -- C:\Users\zotac\AppData\Local\CrystalDiskMark30.ini
[2011.08.26 18:49:32 | 001,499,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.07.26 17:26:46 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.07.26 17:26:46 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.07.26 17:26:46 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.07.26 17:26:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
 
========== LOP Check ==========
 
[2011.08.26 18:31:40 | 000,000,000 | ---D | M] -- C:\Users\zotac\AppData\Roaming\ArchiCrypt Ultimate RAM-Disk3
[2011.08.27 15:37:54 | 000,000,000 | ---D | M] -- C:\Users\zotac\AppData\Roaming\DAEMON Tools Lite
[2011.10.05 21:58:03 | 000,000,000 | ---D | M] -- C:\Users\zotac\AppData\Roaming\Dropbox
[2011.08.27 15:31:26 | 000,000,000 | ---D | M] -- C:\Users\zotac\AppData\Roaming\DVDVideoSoft
[2011.08.27 15:31:24 | 000,000,000 | ---D | M] -- C:\Users\zotac\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.10.04 23:32:03 | 000,000,000 | ---D | M] -- C:\Users\zotac\AppData\Roaming\FileZilla
[2011.08.27 10:38:29 | 000,000,000 | ---D | M] -- C:\Users\zotac\AppData\Roaming\Leadertech
[2011.08.26 18:33:16 | 000,000,000 | ---D | M] -- C:\Users\zotac\AppData\Roaming\Notepad++
[2011.09.13 17:56:55 | 000,000,000 | ---D | M] -- C:\Users\zotac\AppData\Roaming\Opera
[2011.09.12 18:27:30 | 000,000,000 | ---D | M] -- C:\Users\zotac\AppData\Roaming\Samsung
[2011.09.04 13:43:13 | 000,000,000 | ---D | M] -- C:\Users\zotac\AppData\Roaming\TeamViewer
[2011.08.27 12:19:23 | 000,000,000 | ---D | M] -- C:\Users\zotac\AppData\Roaming\Windows Live Writer
[2009.07.14 07:08:49 | 000,022,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
Und hier noch ein Bild von den Prozessen welche im Hintergrund laufen:

hxxp://www.imagebanana.com/view/ys7sp1g1/prozesse.png

Alt 07.10.2011, 22:19   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Remote Zugriff auf meinem PC? - Standard

Remote Zugriff auf meinem PC?


Bitte nun routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________

__________________
Antwort

Themen zu Remote Zugriff auf meinem PC?
antivirus, avast, bho, bonjour, browser, converter, document, download, excel.exe, explorer, firefox, format, helper, langs, launch, libusb0.sys, logfile, microsoft, mp3, neu, nvidia, plug-in, programme, prozesse, realtek, registry, remote zugriff, scan, software, studio, suche, usb, usb 3.0, version=1.0, webcheck, windows


« avast! findet Rootkit - Fehlalarm? | Diverse einkommende Verbindungen »


Ähnliche Themen: Remote Zugriff auf meinem PC?


  1. Remote-Schadsoftware kontrolliert gesamtes Heimnetzwerk: Manipulation des Windows-Remote-Systems
    Log-Analyse und Auswertung - 10.09.2015 (5)
  2. Unbefugter Zugriff auf meinem Ebay-Account evtl. wegen Polizei Virus/Trojaner?
    Log-Analyse und Auswertung - 08.06.2015 (10)
  3. Remote Zugriff auf meinen Computer?
    Plagegeister aller Art und deren Bekämpfung - 26.05.2015 (15)
  4. Windows 8.1 remote zugriff mit selbständiger Tastatureingabe
    Plagegeister aller Art und deren Bekämpfung - 13.10.2014 (3)
  5. Dos Angriffe und Lan Access, verschafft sich da jemand Zugriff zu meinem Netzwerk?
    Log-Analyse und Auswertung - 25.10.2013 (11)
  6. 1.Trojan.Gen.2 in C:\windows 2. Remote-System versucht Zugriff
    Log-Analyse und Auswertung - 30.03.2013 (9)
  7. Übernahme der Peripheriekontrolle durch unautorisierten Remote-Zugriff
    Log-Analyse und Auswertung - 11.01.2012 (13)
  8. remote zugriff verschafft?
    Diskussionsforum - 20.12.2010 (1)
  9. Hatt wer auf meinem pc zugriff?
    Log-Analyse und Auswertung - 28.02.2010 (1)
  10. remote controll mit ip
    Mülltonne - 09.07.2009 (0)
  11. Remote IPC
    Log-Analyse und Auswertung - 11.05.2009 (0)
  12. Woran erkenne ich ob jmd Zugriff zu meinem Computer hat?
    Überwachung, Datenschutz und Spam - 20.07.2008 (14)
  13. Remote Software
    Mülltonne - 19.07.2006 (1)
  14. Remote Prog???
    Plagegeister aller Art und deren Bekämpfung - 08.05.2005 (4)
  15. Remote Prog???
    Plagegeister aller Art und deren Bekämpfung - 08.05.2005 (1)
  16. Remote System
    Plagegeister aller Art und deren Bekämpfung - 09.03.2005 (4)
  17. Remote system versucht Zugriff! Hilfe!!!
    Plagegeister aller Art und deren Bekämpfung - 30.05.2004 (18)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Remote Zugriff auf meinem PC? - Hallo, habe heute meinen PC eingeschaltet, und dann erst mal den Browser etc. geöffnet, als ich dann plötzlich keine Klicks machen konnte, und mein Laufwerk sich öffnete, und schliesste. Dann - Remote Zugriff auf meinem PC?...
Archiv
Du betrachtest: Remote Zugriff auf meinem PC? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19